[Virus] infecté Trojan.Downloader.WinFixer.W Fermé

Question

Bonjour,

Je n'y connais rien en informatique, et après avoir fait une analyse avec Bit-defender, je viens de me rendre compte que mon ordi est infecté par Trojan.Downloader.WinFixer.W... 

Que dois-je faire? (j'ai lu quelques uns de vos messages, mais je n'y comprends pas grand chose non plus!)

Merci pour votre aide !

Tinana

jalobservateur · Answer

Salut ! Réponse sur ce forum : https://forums.commentcamarche.net/forum/affich-3175150-virus-infecte-par-trojan-fotomato

tinana · Answer

Je vous poste le rapport? Il se trouve où?

Merci du coup de main!

tinana · Answer

Bon, j'ai suivi les 2 liens... J'ai fait un scan avec clean up, voici le résultat :

CleanUp! started on 07/26/07 17:18:37.
...
C:\WINDOWS	emp	mp00003f8d	mp00000000 - deleted
C:\WINDOWS	emp	mp00003f8d\ - deleted
C:\WINDOWS	emp	mp0000405f	mp00000000 - deleted
C:\WINDOWS	emp	mp0000405f\ - deleted
C:\WINDOWS	emp	mp0000409c	mp00000000 - deleted
C:\WINDOWS	emp	mp0000409c\ - deleted
C:\WINDOWS	emp	mp0000409f	mp00000000 - deleted
C:\WINDOWS	emp	mp0000409f\ - deleted
C:\WINDOWS	emp	mp000040a1	mp00000000 - deleted
C:\WINDOWS	emp	mp000040a1\ - deleted
C:\WINDOWS	emp	mp00004101	mp00000000 - deleted
C:\WINDOWS	emp	mp00004101\ - deleted
C:\WINDOWS	emp	mp00004179	mp00000000 - deleted
C:\WINDOWS	emp	mp00004179\ - deleted
C:\WINDOWS	emp	mp0000418a	mp00000000 - deleted
C:\WINDOWS	emp	mp0000418a\ - deleted
C:\WINDOWS	emp	mp000041a1	mp00000000 - deleted
C:\WINDOWS	emp	mp000041a1\ - deleted
C:\WINDOWS	emp	mp000041c8	mp00000000 - deleted
C:\WINDOWS	emp	mp000041c8\ - deleted
C:\WINDOWS	emp	mp000041e8	mp00000000 - deleted
C:\WINDOWS	emp	mp000041e8\ - deleted
C:\WINDOWS	emp	mp00004287	mp00000000 - deleted
C:\WINDOWS	emp	mp00004287\ - deleted
C:\WINDOWS	emp	mp000042ab	mp00000000 - deleted
C:\WINDOWS	emp	mp000042ab\ - deleted
C:\WINDOWS	emp	mp0000437d	mp00000000 - deleted
C:\WINDOWS	emp	mp0000437d\ - deleted
C:\WINDOWS	emp	mp00004383	mp00000000 - deleted
C:\WINDOWS	emp	mp00004383\ - deleted
C:\WINDOWS	emp	mp000043fa	mp00000000 - deleted
C:\WINDOWS	emp	mp000043fa\ - deleted
C:\WINDOWS	emp	mp00004511	mp00000000 - deleted
C:\WINDOWS	emp	mp00004511\ - deleted
C:\WINDOWS	emp	mp000045d2	mp00000000 - deleted
C:\WINDOWS	emp	mp000045d2\ - deleted
C:\WINDOWS	emp	mp000045db	mp00000000 - deleted
C:\WINDOWS	emp	mp000045db\ - deleted
C:\WINDOWS	emp	mp000045e0	mp00000000 - deleted
C:\WINDOWS	emp	mp000045e0\ - deleted
C:\WINDOWS	emp	mp0000460b	mp00000000 - deleted
C:\WINDOWS	emp	mp0000460b\ - deleted
C:\WINDOWS	emp	mp00004641	mp00000000 - deleted
C:\WINDOWS	emp	mp00004641\ - deleted
C:\WINDOWS	emp	mp0000469d	mp00000000 - deleted
C:\WINDOWS	emp	mp0000469d\ - deleted
C:\WINDOWS	emp	mp00004784	mp00000000 - deleted
C:\WINDOWS	emp	mp00004784\ - deleted
C:\WINDOWS	emp	mp0000479c	mp00000000 - deleted
C:\WINDOWS	emp	mp0000479c\ - deleted
C:\WINDOWS	emp	mp00004814	mp00000000 - deleted
C:\WINDOWS	emp	mp00004814\ - deleted
C:\WINDOWS	emp	mp0000483d	mp00000000 - deleted
C:\WINDOWS	emp	mp0000483d\ - deleted
C:\WINDOWS	emp	mp00004896	mp00000000 - deleted
C:\WINDOWS	emp	mp00004896\ - deleted
C:\WINDOWS	emp	mp000048a1	mp00000000 - deleted
C:\WINDOWS	emp	mp000048a1\ - deleted
C:\WINDOWS	emp	mp00004963	mp00000000 - deleted
C:\WINDOWS	emp	mp00004963\ - deleted
C:\WINDOWS	emp	mp00004a23	mp00000000 - deleted
C:\WINDOWS	emp	mp00004a23\ - deleted
C:\WINDOWS	emp	mp00004b28	mp00000000 - deleted
C:\WINDOWS	emp	mp00004b28\ - deleted
C:\WINDOWS	emp	mp00004bbe	mp00000000 - deleted
C:\WINDOWS	emp	mp00004bbe\ - deleted
C:\WINDOWS	emp	mp00004bbf	mp00000000 - deleted
C:\WINDOWS	emp	mp00004bbf\ - deleted
C:\WINDOWS	emp	mp00004bdc	mp00000000 - deleted
C:\WINDOWS	emp	mp00004bdc\ - deleted
C:\WINDOWS	emp	mp00004bfb	mp00000000 - deleted
C:\WINDOWS	emp	mp00004bfb\ - deleted
C:\WINDOWS	emp	mp00004cd3	mp00000000 - deleted
C:\WINDOWS	emp	mp00004cd3\ - deleted
C:\WINDOWS	emp	mp00004dc2	mp00000000 - deleted
C:\WINDOWS	emp	mp00004dc2\ - deleted
C:\WINDOWS	emp	mp00004dc7	mp00000000 - deleted
C:\WINDOWS	emp	mp00004dc7\ - deleted
C:\WINDOWS	emp	mp00004df2	mp00000000 - deleted
C:\WINDOWS	emp	mp00004df2\ - deleted
C:\WINDOWS	emp	mp00004e6a	mp00000000 - deleted
C:\WINDOWS	emp	mp00004e6a\ - deleted
C:\WINDOWS	emp	mp00004ee4	mp00000000 - deleted
C:\WINDOWS	emp	mp00004ee4\ - deleted
C:\WINDOWS	emp	mp00004f96	mp00000000 - deleted
C:\WINDOWS	emp	mp00004f96\ - deleted
C:\WINDOWS	emp	mp00005006	mp00000000 - deleted
C:\WINDOWS	emp	mp00005006\ - deleted
C:\WINDOWS	emp	mp00005018	mp00000000 - deleted
C:\WINDOWS	emp	mp00005018\ - deleted
C:\WINDOWS	emp	mp00005058	mp00000000 - deleted
C:\WINDOWS	emp	mp00005058\ - deleted
C:\WINDOWS	emp	mp00005091	mp00000000 - deleted
C:\WINDOWS	emp	mp00005091\ - deleted
C:\WINDOWS	emp	mp0000513b	mp00000000 - deleted
C:\WINDOWS	emp	mp0000513b\ - deleted
C:\WINDOWS	emp	mp0000513e	mp00000000 - deleted
C:\WINDOWS	emp	mp0000513e\ - deleted
C:\WINDOWS	emp	mp000051c7	mp00000000 - deleted
C:\WINDOWS	emp	mp000051c7\ - deleted
C:\WINDOWS	emp	mp0000523c	mp00000000 - deleted
C:\WINDOWS	emp	mp0000523c\ - deleted
C:\WINDOWS	emp	mp00005285	mp00000000 - deleted
C:\WINDOWS	emp	mp00005285\ - deleted
C:\WINDOWS	emp	mp000052a3	mp00000000 - deleted
C:\WINDOWS	emp	mp000052a3\ - deleted
C:\WINDOWS	emp	mp00005334	mp00000000 - deleted
C:\WINDOWS	emp	mp00005334\ - deleted
C:\WINDOWS	emp	mp00005351	mp00000000 - deleted
C:\WINDOWS	emp	mp00005351\ - deleted
C:\WINDOWS	emp	mp000053ec	mp00000000 - deleted
C:\WINDOWS	emp	mp000053ec\ - deleted
C:\WINDOWS	emp	mp000053f0	mp00000000 - deleted
C:\WINDOWS	emp	mp000053f0\ - deleted
C:\WINDOWS	emp	mp0000543e	mp00000000 - deleted
C:\WINDOWS	emp	mp0000543e\ - deleted
C:\WINDOWS	emp	mp000054e9	mp00000000 - deleted
C:\WINDOWS	emp	mp000054e9\ - deleted
C:\WINDOWS	emp	mp0000552f	mp00000000 - deleted
C:\WINDOWS	emp	mp0000552f\ - deleted
C:\WINDOWS	emp	mp00005549	mp00000000 - deleted
C:\WINDOWS	emp	mp00005549\ - deleted
C:\WINDOWS	emp	mp00005580	mp00000000 - deleted
C:\WINDOWS	emp	mp00005580\ - deleted
C:\WINDOWS	emp	mp000055c7	mp00000000 - deleted
C:\WINDOWS	emp	mp000055c7\ - deleted
C:\WINDOWS	emp	mp000055ca	mp00000000 - deleted
C:\WINDOWS	emp	mp000055ca\ - deleted
C:\WINDOWS	emp	mp000055d1	mp00000000 - deleted
C:\WINDOWS	emp	mp000055d1\ - deleted
C:\WINDOWS	emp	mp000055d4	mp00000000 - deleted
C:\WINDOWS	emp	mp000055d4\ - deleted
C:\WINDOWS	emp	mp000055f0	mp00000000 - deleted
C:\WINDOWS	emp	mp000055f0\ - deleted
C:\WINDOWS	emp	mp0000561a	mp00000000 - deleted
C:\WINDOWS	emp	mp0000561a\ - deleted
C:\WINDOWS	emp	mp00005697	mp00000000 - deleted
C:\WINDOWS	emp	mp00005697\ - deleted
C:\WINDOWS	emp	mp000056ab	mp00000000 - deleted
C:\WINDOWS	emp	mp000056ab\ - deleted
C:\WINDOWS	emp	mp000056b9	mp00000000 - deleted
C:\WINDOWS	emp	mp000056b9\ - deleted
C:\WINDOWS	emp	mp000056c6	mp00000000 - deleted
C:\WINDOWS	emp	mp000056c6\ - deleted
C:\WINDOWS	emp	mp000056db	mp00000000 - deleted
C:\WINDOWS	emp	mp000056db\ - deleted
C:\WINDOWS	emp	mp000056fc	mp00000000 - deleted
C:\WINDOWS	emp	mp000056fc\ - deleted
C:\WINDOWS	emp	mp000057d1	mp00000000 - deleted
C:\WINDOWS	emp	mp000057d1\ - deleted
C:\WINDOWS	emp	mp000057d6	mp00000000 - deleted
C:\WINDOWS	emp	mp000057d6\ - deleted
C:\WINDOWS	emp	mp000057e0	mp00000000 - deleted
C:\WINDOWS	emp	mp000057e0\ - deleted
C:\WINDOWS	emp	mp000057ec	mp00000000 - deleted
C:\WINDOWS	emp	mp000057ec\ - deleted
C:\WINDOWS	emp	mp0000580b	mp00000000 - deleted
C:\WINDOWS	emp	mp0000580b\ - deleted
C:\WINDOWS	emp	mp00005818	mp00000000 - deleted
C:\WINDOWS	emp	mp00005818\ - deleted
C:\WINDOWS	emp	mp00005947	mp00000000 - deleted
C:\WINDOWS	emp	mp00005947\ - deleted
C:\WINDOWS	emp	mp00005988	mp00000000 - deleted
C:\WINDOWS	emp	mp00005988\ - deleted
C:\WINDOWS	emp	mp000059fa	mp00000000 - deleted
C:\WINDOWS	emp	mp000059fa\ - deleted
C:\WINDOWS	emp	mp00005a71	mp00000000 - deleted
C:\WINDOWS	emp	mp00005a71\ - deleted
C:\WINDOWS	emp	mp00005b88	mp00000000 - deleted
C:\WINDOWS	emp	mp00005b88\ - deleted
C:\WINDOWS	emp	mp00005be3	mp00000000 - deleted
C:\WINDOWS	emp	mp00005be3\ - deleted
C:\WINDOWS	emp	mp00005c04	mp00000000 - deleted
C:\WINDOWS	emp	mp00005c04\ - deleted
C:\WINDOWS	emp	mp00005c8d	mp00000000 - deleted
C:\WINDOWS	emp	mp00005c8d\ - deleted
C:\WINDOWS	emp	mp00005cac	mp00000000 - deleted
C:\WINDOWS	emp	mp00005cac\ - deleted
C:\WINDOWS	emp	mp00005cba	mp00000000 - deleted
C:\WINDOWS	emp	mp00005cba\ - deleted
C:\WINDOWS	emp	mp00005cdd	mp00000000 - deleted
C:\WINDOWS	emp	mp00005cdd\ - deleted
C:\WINDOWS	emp	mp00005d0d	mp00000000 - deleted
C:\WINDOWS	emp	mp00005d0d\ - deleted
C:\WINDOWS	emp	mp00005d57	mp00000000 - deleted
C:\WINDOWS	emp	mp00005d57\ - deleted
C:\WINDOWS	emp	mp00005d80	mp00000000 - deleted
C:\WINDOWS	emp	mp00005d80\ - deleted
C:\WINDOWS	emp	mp00005dcc	mp00000000 - deleted
C:\WINDOWS	emp	mp00005dcc\ - deleted
C:\WINDOWS	emp	mp00005df7	mp00000000 - deleted
C:\WINDOWS	emp	mp00005df7\ - deleted
C:\WINDOWS	emp	mp00005dfa	mp00000000 - deleted
C:\WINDOWS	emp	mp00005dfa\ - deleted
C:\WINDOWS	emp	mp00005e27	mp00000000 - deleted
C:\WINDOWS	emp	mp00005e27\ - deleted
C:\WINDOWS	emp	mp00005e36	mp00000000 - deleted
C:\WINDOWS	emp	mp00005e36\ - deleted
C:\WINDOWS	emp	mp00005ea2	mp00000000 - deleted
C:\WINDOWS	emp	mp00005ea2\ - deleted
C:\WINDOWS	emp	mp00005ec7	mp00000000 - deleted
C:\WINDOWS	emp	mp00005ec7\ - deleted
C:\WINDOWS	emp	mp00005ec9	mp00000000 - deleted
C:\WINDOWS	emp	mp00005ec9\ - deleted
C:\WINDOWS	emp	mp00005f03	mp00000000 - deleted
C:\WINDOWS	emp	mp00005f03\ - deleted
C:\WINDOWS	emp	mp00005f76	mp00000000 - deleted
C:\WINDOWS	emp	mp00005f76\ - deleted
C:\WINDOWS	emp	mp00005f8d	mp00000000 - deleted
C:\WINDOWS	emp	mp00005f8d\ - deleted
C:\WINDOWS	emp	mp00005ff0	mp00000000 - deleted
C:\WINDOWS	emp	mp00005ff0\ - deleted
C:\WINDOWS	emp	mp00005ffd	mp00000000 - deleted
C:\WINDOWS	emp	mp00005ffd\ - deleted
C:\WINDOWS	emp	mp00006027	mp00000000 - deleted
C:\WINDOWS	emp	mp00006027\ - deleted
C:\WINDOWS	emp	mp0000602d	mp00000000 - deleted
C:\WINDOWS	emp	mp0000602d\ - deleted
C:\WINDOWS	emp	mp000060dd	mp00000000 - deleted
C:\WINDOWS	emp	mp000060dd\ - deleted
C:\WINDOWS	emp	mp000060e0	mp00000000 - deleted
C:\WINDOWS	emp	mp000060e0\ - deleted
C:\WINDOWS	emp	mp000060ef	mp00000000 - deleted
C:\WINDOWS	emp	mp000060ef\ - deleted
C:\WINDOWS	emp	mp00006120	mp00000000 - deleted
C:\WINDOWS	emp	mp00006120\ - deleted
C:\WINDOWS	emp	mp00006173	mp00000000 - deleted
C:\WINDOWS	emp	mp00006173\ - deleted
C:\WINDOWS	emp	mp00006178	mp00000000 - deleted
C:\WINDOWS	emp	mp00006178\ - deleted
C:\WINDOWS	emp	mp000061b4	mp00000000 - deleted
C:\WINDOWS	emp	mp000061b4\ - deleted
C:\WINDOWS	emp	mp000061fe	mp00000000 - deleted
C:\WINDOWS	emp	mp000061fe\ - deleted
C:\WINDOWS	emp	mp00006272	mp00000000 - deleted
C:\WINDOWS	emp	mp00006272\ - deleted
C:\WINDOWS	emp	mp000062f9	mp00000000 - deleted
C:\WINDOWS	emp	mp000062f9\ - deleted
C:\WINDOWS	emp	mp0000634d	mp00000000 - deleted
C:\WINDOWS	emp	mp0000634d\ - deleted
C:\WINDOWS	emp	mp0000638d	mp00000000 - deleted
C:\WINDOWS	emp	mp0000638d\ - deleted
C:\WINDOWS	emp	mp000063f9	mp00000000 - deleted
C:\WINDOWS	emp	mp000063f9\ - deleted
C:\WINDOWS	emp	mp000063fd	mp00000000 - deleted
C:\WINDOWS	emp	mp000063fd\ - deleted
C:\WINDOWS	emp	mp0000644b	mp00000000 - deleted
C:\WINDOWS	emp	mp0000644b\ - deleted
C:\WINDOWS	emp	mp000064f9	mp00000000 - deleted
C:\WINDOWS	emp	mp000064f9\ - deleted
C:\WINDOWS	emp	mp0000658f	mp00000000 - deleted
C:\WINDOWS	emp	mp0000658f\ - deleted
C:\WINDOWS	emp	mp00006653	mp00000000 - deleted
C:\WINDOWS	emp	mp00006653\ - deleted
C:\WINDOWS	emp	mp000066be	mp00000000 - deleted
C:\WINDOWS	emp	mp000066be\ - deleted
C:\WINDOWS	emp	mp000066dc	mp00000000 - deleted
C:\WINDOWS	emp	mp000066dc\ - deleted
C:\WINDOWS	emp	mp00006784	mp00000000 - deleted
C:\WINDOWS	emp	mp00006784\ - deleted
C:\WINDOWS	emp	mp000067d7	mp00000000 - deleted
C:\WINDOWS	emp	mp000067d7\ - deleted
C:\WINDOWS	emp	mp0000681f	mp00000000 - deleted
C:\WINDOWS	emp	mp0000681f\ - deleted
C:\WINDOWS	emp	mp0000689b	mp00000000 - deleted
C:\WINDOWS	emp	mp0000689b\ - deleted
C:\WINDOWS	emp	mp00006960	mp00000000 - deleted
C:\WINDOWS	emp	mp00006960\ - deleted
C:\WINDOWS	emp	mp00006969	mp00000000 - deleted
C:\WINDOWS	emp	mp00006969\ - deleted
C:\WINDOWS	emp	mp000069e6	mp00000000 - deleted
C:\WINDOWS	emp	mp000069e6\ - deleted
C:\WINDOWS	emp	mp00006a2c	mp00000000 - deleted
C:\WINDOWS	emp	mp00006a2c\ - deleted
C:\WINDOWS	emp	mp00006a56	mp00000000 - deleted
C:\WINDOWS	emp	mp00006a56\ - deleted
C:\WINDOWS	emp	mp00006a87	mp00000000 - deleted
C:\WINDOWS	emp	mp00006a87\ - deleted
C:\WINDOWS	emp	mp00006b0a	mp00000000 - deleted
C:\WINDOWS	emp	mp00006b0a\ - deleted
C:\WINDOWS	emp	mp00006b34	mp00000000 - deleted
C:\WINDOWS	emp	mp00006b34\ - deleted
C:\WINDOWS	emp	mp00006b53	mp00000000 - deleted
C:\WINDOWS	emp	mp00006b53\ - deleted
C:\WINDOWS	emp	mp00006bd0	mp00000000 - deleted
C:\WINDOWS	emp	mp00006bd0\ - deleted
C:\WINDOWS	emp	mp00006bd1	mp00000000 - deleted
C:\WINDOWS	emp	mp00006bd1\ - deleted
C:\WINDOWS	emp	mp00006bfb	mp00000000 - deleted
C:\WINDOWS	emp	mp00006bfb\ - deleted
C:\WINDOWS	emp	mp00006c1a	mp00000000 - deleted
C:\WINDOWS	emp	mp00006c1a\ - deleted
C:\WINDOWS	emp	mp00006c83	mp00000000 - deleted
C:\WINDOWS	emp	mp00006c83\ - deleted
C:\WINDOWS	emp	mp00006d13	mp00000000 - deleted
C:\WINDOWS	emp	mp00006d13\ - deleted
C:\WINDOWS	emp	mp00006d27	mp00000000 - deleted
C:\WINDOWS	emp	mp00006d27\ - deleted
C:\WINDOWS	emp	mp00006d88	mp00000000 - deleted
C:\WINDOWS	emp	mp00006d88\ - deleted
C:\WINDOWS	emp	mp00006dbb	mp00000000 - deleted
C:\WINDOWS	emp	mp00006dbb\ - deleted
C:\WINDOWS	emp	mp00006eb2	mp00000000 - deleted
C:\WINDOWS	emp	mp00006eb2\ - deleted
C:\WINDOWS	emp	mp00007060	mp00000000 - deleted
C:\WINDOWS	emp	mp00007060\ - deleted
C:\WINDOWS	emp	mp0000707a	mp00000000 - deleted
C:\WINDOWS	emp	mp0000707a\ - deleted
C:\WINDOWS	emp	mp000070f4	mp00000000 - deleted
C:\WINDOWS	emp	mp000070f4\ - deleted
C:\WINDOWS	emp	mp00007101	mp00000000 - deleted
C:\WINDOWS	emp	mp00007101\ - deleted
C:\WINDOWS	emp	mp0000719a	mp00000000 - deleted
C:\WINDOWS	emp	mp0000719a\ - deleted
C:\WINDOWS	emp	mp00007225	mp00000000 - deleted
C:\WINDOWS	emp	mp00007225\ - deleted
C:\WINDOWS	emp	mp0000727a	mp00000000 - deleted
C:\WINDOWS	emp	mp0000727a\ - deleted
C:\WINDOWS	emp	mp000073af	mp00000000 - deleted
C:\WINDOWS	emp	mp000073af\ - deleted
C:\WINDOWS	emp	mp00007410	mp00000000 - deleted
C:\WINDOWS	emp	mp00007410\ - deleted
C:\WINDOWS	emp	mp00007435	mp00000000 - deleted
C:\WINDOWS	emp	mp00007435\ - deleted
C:\WINDOWS	emp	mp000074a7	mp00000000 - deleted
C:\WINDOWS	emp	mp000074a7\ - deleted
C:\WINDOWS	emp	mp000074c1	mp00000000 - deleted
C:\WINDOWS	emp	mp000074c1\ - deleted
C:\WINDOWS	emp	mp00007512	mp00000000 - deleted
C:\WINDOWS	emp	mp00007512\ - deleted
C:\WINDOWS	emp	mp00007601	mp00000000 - deleted
C:\WINDOWS	emp	mp00007601\ - deleted
C:\WINDOWS	emp	mp0000762f	mp00000000 - deleted
C:\WINDOWS	emp	mp0000762f\ - deleted
C:\WINDOWS	emp	mp0000764b	mp00000000 - deleted
C:\WINDOWS	emp	mp0000764b\ - deleted
C:\WINDOWS	emp	mp0000771a	mp00000000 - deleted
C:\WINDOWS	emp	mp0000771a\ - deleted
C:\WINDOWS	emp	mp00007727	mp00000000 - deleted
C:\WINDOWS	emp	mp00007727\ - deleted
C:\WINDOWS	emp	mp00007754	mp00000000 - deleted
C:\WINDOWS	emp	mp00007754\ - deleted
C:\WINDOWS	emp	mp00007775	mp00000000 - deleted
C:\WINDOWS	emp	mp00007775\ - deleted
C:\WINDOWS	emp	mp0000778e	mp00000000 currently in use. Will be deleted when Windows is restarted.
C:\WINDOWS	emp	mp0000787f	mp00000000 - deleted
C:\WINDOWS	emp	mp0000787f\ - deleted
C:\WINDOWS	emp	mp000078aa	mp00000000 - deleted
C:\WINDOWS	emp	mp000078aa\ - deleted
C:\WINDOWS	emp	mp00007916	mp00000000 - deleted
C:\WINDOWS	emp	mp00007916\ - deleted
C:\WINDOWS	emp	mp00007919	mp00000000 - deleted
C:\WINDOWS	emp	mp00007919\ - deleted
C:\WINDOWS	emp	mp00007968	mp00000000 - deleted
C:\WINDOWS	emp	mp00007968\ - deleted
C:\WINDOWS	emp	mp00007987	mp00000000 - deleted
C:\WINDOWS	emp	mp00007987\ - deleted
C:\WINDOWS	emp	mp000079e9	mp00000000 - deleted
C:\WINDOWS	emp	mp000079e9\ - deleted
C:\WINDOWS	emp	mp00007a72	mp00000000 - deleted
C:\WINDOWS	emp	mp00007a72\ - deleted
C:\WINDOWS	emp	mp00007ac0	mp00000000 - deleted
C:\WINDOWS	emp	mp00007ac0\ - deleted
C:\WINDOWS	emp	mp00007b34	mp00000000 - deleted
C:\WINDOWS	emp	mp00007b34\ - deleted
C:\WINDOWS	emp	mp00007b8a	mp00000000 - deleted
C:\WINDOWS	emp	mp00007b8a\ - deleted
C:\WINDOWS	emp	mp00007c38	mp00000000 - deleted
C:\WINDOWS	emp	mp00007c38\ - deleted
C:\WINDOWS	emp	mp00007c8e	mp00000000 - deleted
C:\WINDOWS	emp	mp00007c8e\ - deleted
C:\WINDOWS	emp	mp00007d56	mp00000000 - deleted
C:\WINDOWS	emp	mp00007d56\ - deleted
C:\WINDOWS	emp	mp00007e00	mp00000000 - deleted
C:\WINDOWS	emp	mp00007e00\ - deleted
C:\WINDOWS	emp	mp00007e01	mp00000000 - deleted
C:\WINDOWS	emp	mp00007e01\ - deleted
C:\WINDOWS	emp	mp00007e1a	mp00000000 - deleted
C:\WINDOWS	emp	mp00007e1a\ - deleted
C:\WINDOWS	emp	mp00007e1c	mp00000000 - deleted
C:\WINDOWS	emp	mp00007e1c\ - deleted
C:\WINDOWS	emp	mp00007e39	mp00000000 - deleted
C:\WINDOWS	emp	mp00007e39\ - deleted
C:\WINDOWS	emp	mp00007e7a	mp00000000 - deleted
C:\WINDOWS	emp	mp00007e7a\ - deleted
C:\WINDOWS	emp	mp00007f8f	mp00000000 - deleted
C:\WINDOWS	emp	mp00007f8f\ - deleted
C:\WINDOWS	emp	mp00007fbc	mp00000000 - deleted
C:\WINDOWS	emp	mp00007fbc\ - deleted
C:\Documents and Settings\NetworkService\Cookies\index.dat - deleted
C:\Documents and Settings\NetworkService\locals~1	empor~1\Content.IE5\index.dat - deleted
C:\Documents and Settings\NetworkService\locals~1	empor~1\Content.IE5\5MC24C7B\022-3306.French[1].dist - deleted
C:\Documents and Settings\NetworkService\locals~1	empor~1\Content.IE5\5MC24C7B\061-3452.French[1].dist - deleted
C:\Documents and Settings\NetworkService\locals~1	empor~1\Content.IE5\5MC24C7B\index-windows-1[1].sucatalog - deleted
C:\Documents and Settings\NetworkService\locals~1	empor~1\Content.IE5\8XAFC1UB\061-3184.French[1].dist - deleted
C:\Documents and Settings\NetworkService\locals~1	empor~1\Content.IE5\8XAFC1UB\061-3419.French[1].dist - deleted
C:\Documents and Settings\NetworkService\locals~1	empor~1\Content.IE5\GHUVC1QJ\022-3315.French[1].dist - deleted
C:\Documents and Settings\NetworkService\locals~1	empor~1\Content.IE5\GHUVC1QJ\061-3527.English[1].dist - deleted
C:\Documents and Settings\NetworkService\locals~1	empor~1\Content.IE5\WMSY350W\061-2802.French[1].dist - deleted
C:\Documents and Settings\NetworkService\locals~1	empor~1\Content.IE5\WMSY350W\061-3418.French[1].dist - deleted
C:\Documents and Settings\NetworkService\Local Settings\Temp\MpCmdRun.log - deleted
C:\Documents and Settings\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\locals~1	empor~1\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\Default User\Cookies\index.dat - deleted
C:\Documents and Settings\Default User\locals~1	empor~1\Content.IE5\index.dat - deleted
C:\Documents and Settings\bayrand\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\bayrand\locals~1	empor~1\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\bayrand\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\bayrand\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Local Cache\~Please do not delete files from this folder - deleted
C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Local Cache\~Please do not delete files from this folder - deleted
C:\Documents and Settings\All Users\DRM\DRMv1.bak - deleted
C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp - deleted
C:\Documents and Settings\bayrand\Application Data\Google\GoogleEarth\myplaces.kml.tmp - deleted
C:\Documents and Settings\bayrand\Application Data\LimeWire\fileurns.bak - deleted
C:\Documents and Settings\bayrand\Application Data\Microsoft\Address Book\bayrand.wab~ - deleted
C:\Documents and Settings\bayrand\Application Data\Microsoft\Word\~WRA0773.wbk - deleted
C:\Documents and Settings\bayrand\Application Data\Microsoft\Word\~WRA1150.wbk - deleted
C:\Documents and Settings\bayrand\Application Data\Microsoft\Word\~WRA2599.wbk - deleted
C:\Documents and Settings\bayrand\Application Data\Microsoft\Word\~WRL0004.tmp - deleted
C:\Documents and Settings\bayrand\Application Data\Microsoft\Word\~WRL1020.tmp - deleted
C:\Documents and Settings\bayrand\Application Data\Mozilla\Firefox\Profiles\oww95uyr.default\bookmarks.bak - deleted
C:\Documents and Settings\bayrand\Bureau\~WRL0754.tmp - deleted
C:\Documents and Settings\bayrand\Bureau\~WRL2580.tmp - deleted
C:\Documents and Settings\bayrand\Bureau\annie\~WRL0445.tmp - deleted
C:\Documents and Settings\bayrand\Bureau\annie\~WRL3376.tmp - deleted
C:\Documents and Settings\bayrand\Bureau\annie\~WRL3711.tmp - deleted
C:\Documents and Settings\bayrand\Bureau\FANNY\DOSSIER IUFM\~WRL0003.tmp - deleted
C:\Documents and Settings\bayrand\Bureau\NICO\Attente\downloads.bak - deleted
C:\Documents and Settings\bayrand\Bureau\NICO\Boulot\~WRL0003.tmp - deleted
C:\Documents and Settings\bayrand\Bureau\NICO\Guitar Pro\Tabs\~$re Straits - Where You Think You're Going.doc - deleted
C:\Documents and Settings\bayrand\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\bayrand\Incomplete\downloads.bak - deleted
C:\Documents and Settings\bayrand\Local Settings\Application Data\IM\Identities\{19A5C809-F116-4E33-9466-D37860D9127E}\AddressBook\AddressBook.imb.bak - deleted
C:\Documents and Settings\bayrand\Local Settings\Application Data\IM\Identities\{19A5C809-F116-4E33-9466-D37860D9127E}\Message Store\Folders.bak - deleted
C:\Documents and Settings\bayrand\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat - deleted
C:\Documents and Settings\bayrand\Local Settings\Application Data\Microsoft\Messenger\mathieu.nicol@hotmail.fr\SharingMetadata\volume.xml~ - deleted
C:\Documents and Settings\bayrand\Local Settings\Application Data\Microsoft\Messenger\mathieu.nicol@hotmail.fr\SharingMetadata\Working\database_92A4_C97D_A4C9_63F7\fsr.chk - deleted
C:\Documents and Settings\bayrand\Local Settings\Application Data\Microsoft\Messenger
icolas.kervern@hotmail.fr\SharingMetadata\volume.xml~ - deleted
C:\Documents and Settings\bayrand\Local Settings\Application Data\Microsoft\Messenger
icolas.kervern@hotmail.fr\SharingMetadata\Working\database_92A4_C97D_A4C9_63F7\fsr.chk - deleted
C:\Documents and Settings\bayrand\Local Settings\Application Data\Microsoft\Messenger
ikkogekoz@msn.com\SharingMetadata\volume.xml~ - deleted
C:\Documents and Settings\bayrand\Local Settings\Application Data\Microsoft\Messenger
ikkogekoz@msn.com\SharingMetadata\Working\database_92A4_C97D_A4C9_63F7\fsr.chk - deleted
C:\Documents and Settings\bayrand\Local Settings\Application Data\Microsoft\Messengeridingsun@hotmail.fr\SharingMetadata\volume.xml~ - deleted
C:\Documents and Settings\bayrand\Local Settings\Application Data\Microsoft\Messengeridingsun@hotmail.fr\SharingMetadata\Working\database_92A4_C97D_A4C9_63F7\fsr.chk - deleted
C:\Documents and Settings\bayrand\Local Settings\Application Data\Yahoo\Widget Engine\Analog Clock.widget\Analog Clock.widget\Contents\ve-94.tmp - deleted
C:\Documents and Settings\bayrand\Local Settings\Historique\History.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\bayrand\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\bayrand\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak - deleted
C:\Documents and Settings\bayrand\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak - deleted
C:\Documents and Settings\bayrand\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak - deleted
C:\Documents and Settings\bayrand\Mes documents\Ma musique\Sauvegarde de la licence\drmv2lic.bak - deleted
C:\Documents and Settings\bayrand\UserData\index.dat - deleted
C:\Documents and Settings\Default User\Local Settings\Historique\History.IE5\index.dat - deleted
C:\Documents and Settings\LocalService\Cookies\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat currently in use. Will be deleted when Windows is restarted.
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat - deleted
C:\Program Files\eBay\eBay Toolbar2\eBayDaemon.BAK - deleted
C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll.tmp - deleted
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe.tmp - deleted
C:\Program Files\eBay\eBay Toolbar2\eBayToolbarComm.dll.tmp - deleted
C:\Program Files\eBay\eBay Toolbar2\TBVersion.xml.tmp - deleted
C:\Program Files\eMule\downloads.bak - deleted
C:\Program Files\eMule\eMule Light.tmpl - deleted
C:\Program Files\eMule\eMule.tmpl - deleted
C:\Program Files\eMule\config\clients.met.bak - deleted
C:\Program Files\eMule\Temp\002.part.met.bak - deleted
C:\Program Files\eMule\Temp\003.part.met.bak - deleted
C:\Program Files\eMule\Temp\010.part.met.bak - deleted
C:\Program Files\Fichiers communs\mozilla.org\GRE\1.7.3_2004091008\softokn3.chk - deleted
C:\Program Files\Guitar Pro 5	mp	mp.tmp - deleted
C:\Program Files\Micro Application\Architecte Studio\P!3DFWS.TMP - deleted
C:\Program Files\Micro Application\Diaporama Créateur Photo Haute Définition\Data\Emitters\Snow\Emitter.emi.bak - deleted
C:\Program Files\Mozilla Firefox\freebl3.chk - deleted
C:\Program Files\Mozilla Firefox\softokn3.chk - deleted
C:\Program Files\Mozilla Thunderbird\softokn3.chk - deleted
C:\Program Files\mozilla.org\Mozilla\softokn3.chk - deleted
C:\WINDOWS\imsins.BAK - deleted
C:\WINDOWS\Fonts\VERDANA.TTF.BAK - deleted
C:\WINDOWS\Fonts\VERDANAB.TTF.BAK - deleted
C:\WINDOWS\Fonts\VERDANAI.TTF.BAK - deleted
C:\WINDOWS\Fonts\VERDANAZ.TTF.BAK - deleted
C:\WINDOWS\Installer\MSI14.tmp - deleted
C:\WINDOWS\Installer\MSI15.tmp - deleted
C:\WINDOWS\Installer\MSI32.tmp - deleted
C:\WINDOWS\Installer\MSI34.tmp - deleted
C:\WINDOWS\Installer\MSI39.tmp - deleted
C:\WINDOWS\Installer\MSI3A.tmp - deleted
C:\WINDOWS\Installer\MSI6.tmp - deleted
C:\WINDOWS\Installer\MSI7.tmp - deleted
C:\WINDOWS\Installer\MSI9.tmp - deleted
C:\WINDOWS\Installer\MSIA.tmp - deleted
C:\WINDOWS\Installer\MSIB.tmp - deleted
C:\WINDOWS\Installer\MSIC.tmp - deleted
C:\WINDOWS\Installer\MSIE.tmp - deleted
C:\WINDOWS\Installer\MSIF.tmp - deleted
C:\WINDOWS\pchealth\helpctr\Config\Cache\Personal_32_1036.dat.bak - deleted
C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat - deleted
C:\WINDOWS\Resources\Themes\Luna\luna.msstyles - deleted
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk - deleted
C:\WINDOWS\system32\wpa.bak - deleted
C:\WINDOWS\system32\CONFIG.TMP - deleted
C:\WINDOWS\system32\olepro32.dll.tmp - deleted
C:\WINDOWS\system32\SETA8.tmp - deleted
C:\WINDOWS\system32\SETAC.tmp - deleted
C:\WINDOWS\system32\SETB4.tmp - deleted
C:\WINDOWS\system32\CatRoot2\edb.chk - deleted
C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat - deleted
C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat - deleted
C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012005111420051115\index.dat - deleted
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - deleted
C:\WINDOWS\system32\usmt\migwiz.exe.manifest - deleted
Emptied Recycle Bin on drive C:
'Run MRU' list - removed from the registry.
Paint Recent File List - removed from the registry.
WordPad Recent File List - removed from the registry.
Telnet's MRU list - removed from the registry.
CleanUp! 4.0 recovered 1.23 GB of disk space from 1421 files. Wow! You really needed that.
CleanUp! finished on 07/26/07 17:20:26.



Et l'autre scan avec hijack ça me donne ça :

Logfile of HijackThis v1.99.1
Scan saved at 17:28:33, on 26/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Hercules\Hercules WiFi Controller Software\WiFiCtrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
c:\program files\softwin\bitdefender free edition\bdmcon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS
otepad.exe
C:\PROGRA~1\CleanUp!\cleanup.exe
C:\Program Files\CleanUp!\Cleanup.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/wdgt3/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! France
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {B8C5186E-EC37-4889-9C2E-F73649FFB7BB} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
O2 - BHO: CIEIntegrator Object - {D3B4C621-6024-410B-9F0F-22CBD6981F5E} - C:\Program Files\ProtectionAssuree\Addons\popupg.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [Vaderetro Outlook] "C:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe -s"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDNewsAgent] c:\program files\softwin\bitdefender free edition\bdnagent.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [rtasks] C:\Program Files\ProtectionAssureetasks.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WiFiCtrl] C:\Program Files\Hercules\Hercules WiFi Controller Software\WiFiCtrl.exe min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperPower2.exe] C:\DOCUME~1\bayrand\Bureau\NICO\SUPERP~1.EXE /r
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)



Ca vous avance pour m'aider?

Merci encore

jalobservateur · Answer

Et Suis cette procédure :https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Les Xrouges surtout BYE BYE !

[Virus] infecté Trojan.Downloader.WinFixer.W

4 réponses

Discussions similaires